Tuesday, November 04, 2003

Pester Your State for Accountable Voting!!!

I cannot over-emphasize the importance of accountable voting systems.

An advisory panel to the California Secretary of State has chosen to withhold approval of the Diebold AccuVote-TSX system until more tests have conducted. I've seen a lot of studies of the Diebold system. I think it should be rejected outright.

Here's a copy of the letter I sent to Secretary of State Kevin Shelley at
ConstituentAffairs@ss.ca.gov

* * * * * * * * * * * * * *
Dear Secretary of State Shelley,

I am completely against the certification of the electronic voting machines being marketed by Diebold Election Systems and Sequoia Voting System.

* * * * * * *
In a CNET article that discusses the problems with Diebold Election Systems, it states:
http://news.com.com/2100-1009_3-5054088.html

Using an earlier version of the source code that powers machines manufactured by Diebold Election Systems, the security experts--three from Johns Hopkins University and a colleague from Rice University--performed an audit and found numerous security holes.

"Our analysis shows that this voting system is far below even the most minimal security standards applicable in other contexts," said the researchers in a paper published Wednesday on the Internet, concluding that "as a society, we must carefully consider the risks inherent in electronic voting, as it places our very democracy at risk."

The criticisms echo a fundamental issue that many security researchers have raised with most current systems: There is no way to verify that a vote was correctly recorded and no permanent record is kept.

* * * * * * *
The Sequoia Voting System is also susceptible to major errors. At BlackBoxVoting.com, one can read the problems this particular system faces by it's reliance on an open FTP site:
http://69.13.2.49/modules.php?name=News&file=article&sid=108

Proving that Diebold isn't the only idiot in town, we have learned that Sequoia Voting System's WinEDS files are available to all interested parties on an FTP site. The site doesn't belong to SVS, it belongs to a local reseller, but this makes no difference.

While not as glaring a security screw up as posting all your source files, the SVS files prove that Michelle Townsend is lying through her teeth when she claims that her voting system does not run on Windows. While some parts of the software may be "proprietary", the whole system runs on top of a Windows OS, meaning all of Windows security holes come into play.

The good news is that at least SVS had brains enough to use a SQL database to store votes in, instead of Access. The bad news is they are still hard coding passwords, with this one set to (wait for it)... "password"

These companies keep telling us they have the tightest security in place to protect their software, then they just leave it out in the open for anyone to play with.

* * * * * * *
Please, do not certify either system for the state of California. The Diebold ballot devices seem to be especially vulnerable to inaccuracies. There should be no voting without a verifiable paper trail. Anything less is an assault on a fair democracy.

Sincerely,

E. P.

* * * * * * * * * * * * * * * * * * * * *
We absolutely need accountable voting system. To recycle my previous blogs, I want to remind my readers that Congressman Rush Holt has introduced legislation requiring all voting machines to produce a voter-verified paper trail. You can read about the bill at:
http://holt.house.gov/issues2.cfm?id=5996

VerifiedVoting.com has a page where you can check to see if your state representatives have taken a stand on H.R. 2239, the Voter Confidence Act

http://www.verifiedvoting.org/states.asp

* * * * * * * * * * * * * * * * * * * * *
E.P. Tuesday, November 04, 2003